I decided to take another crack at this problem and finally found a solution.
First, I needed to move my /path/to/my_ca_bundle
to /usr/share/ca-certificates/my_project/my_ca_bundle
.
Second, I needed to update /etc/ca-certificates.conf
with the line my_project/my_ca_bundle
.
Third, I needed to run sudo update-ca-certificates
.
Finally, I needed to remove the ssl.cafile
option from my PHP stream context (I can't seem to get it to work with this line in place).
The CAFile
option in /etc/mongod.conf
is unnecessary as well, and is problematic unless it uses the allowConnectionsWithoutCertificates: true
line noted in the other answer.
That was a mess, but everything works now!